Finance Pro
    Subscribe for Alerts
    Money

    Former Hacker Who Stole Millions: 3 Alarming Cyber Threats on the Rise | Invesloan.com

    Updated:

    Brett Johnson spent over a decade breaking into systems, stealing identities, and selling stolen credit cards on the dark web. He stole millions of dollars, often making over $100,000 a month through tax-return identity theft.

    He’s worked with the Secret Service and private companies as a consultant to help stop the kinds of crimes he once perpetrated. He told Business Insider’s Carter Thallon in a recent interview that the crime world he helped invent is mutating into something harder to see — and almost impossible to stop.

    Cybercrime is becoming increasingly organized, and that’s a problem, he said. The next wave of cybercrime will come from entire operations powered by artificial intelligence, where machines write the scams, fake the evidence, and even talk to the victims in real time.

    Here are the three rising cyber threats that alarm him most.

    1. The deepfake problem is only beginning


    Brett Johnson is sitting at a laptop, looking up from it ominously.

    Johnson warns that there may be a future where we can’t trust anything online.

    Courtesy of Brett Johnson



    Johnson said deepfakes that convincingly mimic real people will become central to online fraud. Criminals already use them to forge voice messages and fake live video calls. Soon, this technology will make it impossible to trust what we see or hear online, Johnson said.

    “In order for me to defraud you, I have to get you to trust me,” he said. However, deepfakes enable criminals to essentially bypass the effort of gaining trust by posing as an already trustworthy person, accelerating the process of victimizing you.

    One finance clerk, last year, for example, was conned into approving overseas transfers amounting to more than $25 million, Shubham Agarwal reported for BI. The clerk had been instructed to do so during a video call that turned out to be full of deepfakes recreations of his real coworkers, including the organization’s chief financial officer.

    “We get to the point where we’re no longer able to trust anything that we see or hear in an online environment, and that becomes really dangerous,” he said.

    That threat is compounded by the speed of AI tools, which can mimic speech patterns, create realistic faces, and write messages tailored to a target’s personality.

    2. Scam farms that run like corporations

    Gone are the days when fraudsters acted alone, Johnson said. Scam farms are becoming the new norm.

    Scam farms are buildings packed with workers — who are often trafficked or forced into slave labor — running simultaneous cons.

    Some of these operations specialize in “pig butchering,” long-term relationship scams that drain victims’ savings.

    That’s exactly what happened to Ahmet Tozal, who recently told BI’s Matthew Loh of a relationship he built with a supposed woman online.

    Over several weeks, the woman convinced him to invest over a year’s worth of his wages into a cryptocurrency that didn’t exist. He ultimately had to move from Turkey to Uzbekistan alone to find a higher salary to support his family.

    These scam farms are structured businesses, with workers rotating shifts and supervisors overseeing them. “That’s something we didn’t see back then,” Johnson said about the time he was scamming people in the 90s and early 00s.

    “Back then, you did see criminals working together, networking in a co-op type fashion. But these days it’s much more organized,” he added.

    3. The rise of synthetic identities


    Illustration of AI generated person.

    Synthetic identity theft is almost impossible to stop.

    ismagilov/Getty Images



    The same automation fueling deepfakes is driving identity fraud to a new level.

    Johnson calls synthetic identity fraud — a blend of real and fake personal data used to create a new digital person — the No. 1 form of identity theft in the world.

    It’s especially concerning because “synthetic fraud is almost invisible because that person doesn’t really exist,” he said, adding that “it’s 80% of all new account fraud. It’s 20% of all credit card chargebacks, 5% of all credit card debt. It’s huge.”

    Once a fake identity establishes credit, it can be used to open bank accounts, apply for loans, or facilitate money laundering. Banks often discover the fraud only after the accounts vanish. If synthetic IDs continue to rise, it could make fraud detection exponentially harder.

    How to protect yourself from fraud


    Woman sitting on couch.

    It’s more important than ever to take steps to protect yourself against fraud.

    VIJ/Getty Images



    Fraud is easier to achieve now than ever before. “A criminal now doesn’t have to understand any aspect of the crime. They can immediately buy tutorials, take live instruction classes, buy anything that they need online, and immediately start being successful and profitable at crime,” Johnson said.

    So it’s important to know how to protect yourself. Johnson told BI’s Manseen Logan earlier this year, six ways to lower your risk of hacking:

    1. Practice situational awareness online: Understand that every online platform has predators.
    2. Freeze the credit of everyone in your home, not just you: This can immediately stop any new account fraud.
    3. Place alerts on accounts where you can, so you know whenever they are used.
    4. Follow good password security: Never use the same password for any accounts.
    5. Set up multifactor authentication: When used with other tools, this can significantly boost your security.
    6. Careful what you share on social media: Scammers can easily pull sensitive information like your birthday and your mother’s maiden name and use it to try to hack you.
    Share.

    Keep Reading

    © 2007-2023 Invesloan.com All Rights Reserved.